
CSI2102 information security

Information Security in a Corporate Environment


Conceptual mapping of attacks and countermeasures
Lachlan Tubman Std No. 10339889 Due: 23rd August 2013

Contents
Introduction
Scope
Assumptions
Concept map key
Concept map
Confidentiality
Integrity
Availability
Attack Index
  Malicious code
    o Viruses
    o Worms
    o Trojan horses
    o Spyware
  DoS/DDoS
  Spoofing
  Man-in-the-Middle
  Back doors
  Virus hoaxes
  Mail bombing
  Sniffers
Conclusion
References

Introduction
In recent years the world has had an ever-growing dependence on the monumental power of computational technology, especially in the field of storing and securing information. Fischer, Halibozek and Walters excellently bring this into perspective in their text Introduction to Security, explaining that "computers have become an important part of people's lives, becoming an integral part of the way we work, teach, learn, and even play. In government and business, computers are used to process, store and transmit vast amounts of information. Information processing tasks that used to take days or weeks for workers to compile are handled by today's computers in mere minutes, translating into greater efficiencies and greater productivity. Moreover information systems are becoming primary methods of communication." (Fischer, R., Halibozek, E., Walters, D., Introduction to Security, 9th edition, 2013, p.435).

There is no argument that electronic storage of information is the dominant forerunner of information storage in the 21st century, but as the use of information technology expands so does its by-product, cybercrime. Information technology now allows criminals to easily access sensitive information that they would otherwise never come in contact with; this propagates acts of information/identity theft, espionage, extortion, blackmail and terrorist activity, among other things. It is due to IT's vulnerabilities that the role of the information security professional was conceived, employed to combat attacks on sensitive information.

The duties of information security specialists have varied over the years, reflecting the progression of computational advancement. Initially the role of an information security specialist was the physical securing of computers and the data stored within. This is outlined in Whitman & Mattord's Principles of Information Security: "during these early years, information security was a straightforward process composed predominantly of physical security and simple document classification schemes. The primary threats to security were physical theft of equipment, espionage against the products of the systems, and sabotage." (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.3). In comparison, the level and extent of threats faced by information security professionals today is far wider than it once was; a variety of these threats will be identified in a later section. To help combat the degradation, theft and loss of privacy of information, a general index of important factors was implemented, known as the CIA triad.
The triad suggests that, to secure information, it must be confidential, meaning it may only be accessed by authorized personnel, that it must have integrity, meaning the information must be valid, and the information must be readily available when needed. (Johnson, B., Information Security Basics, ISSA Journal, July 2010)

Scope:
In this assignment I will mainly focus on diagrammatically foregrounding the specific attacks upon the CIA triad, the likelihood and impact of each attack, followed by the corresponding countermeasures, how much they will cost and their mitigation effect. The diagram will also be accompanied by a short explanation of the various attacks to supplement viewers' understanding of the threats and how to counter them.
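The scoring the Scope describes (likelihood and impact per attack, cost and mitigation effect per countermeasure) can be worked through as a small risk register. This is an added example, not part of the original assignment: the attack names come from the Attack Index, while every score, cost, countermeasure and both formulas (risk = likelihood x impact, stacked controls multiplying) are assumptions.

```python
from collections import defaultdict

# Constructed sample data: only the attack names come from the page.
# likelihood/impact use an assumed 1-5 scale; effect is the fraction of risk removed.
ATTACKS = {
    "malicious code":    {"cia": {"C", "I", "A"}, "likelihood": 4, "impact": 5},
    "sniffers":          {"cia": {"C"},           "likelihood": 4, "impact": 4},
    "man-in-the-middle": {"cia": {"C", "I"},      "likelihood": 3, "impact": 5},
    "DoS/DDoS":          {"cia": {"A"},           "likelihood": 2, "impact": 3},
}
COUNTERMEASURES = [
    # (hypothetical control, attacks it mitigates, yearly cost, effect 0..1)
    ("anti-malware suite", {"malicious code"}, 100, 0.7),
    ("VPN on cafe Wi-Fi", {"sniffers", "man-in-the-middle"}, 120, 0.8),
    ("network firewall", {"DoS/DDoS", "malicious code"}, 300, 0.3),
]

def inherent_risk(attack):
    a = ATTACKS[attack]
    return a["likelihood"] * a["impact"]

def residual_risks(selected):
    """Risk left per attack after the selected controls are applied.
    Stacked controls multiply: each removes its fraction of what remains."""
    residual = {name: float(inherent_risk(name)) for name in ATTACKS}
    for _, covers, _, effect in selected:
        for attack in covers:
            residual[attack] *= (1 - effect)
    return residual

def rank_by_value(countermeasures):
    """Order controls by risk removed per unit cost, each taken alone."""
    ranked = []
    for name, covers, cost, effect in countermeasures:
        removed = sum(inherent_risk(a) * effect for a in covers)
        ranked.append((name, round(removed, 2), round(removed / cost, 4)))
    return sorted(ranked, key=lambda r: r[2], reverse=True)

def exposure_by_property(residual):
    """Sum residual risk onto every CIA property an attack touches."""
    totals = defaultdict(float)
    for attack, risk in residual.items():
        for prop in ATTACKS[attack]["cia"]:
            totals[prop] += risk
    return {p: round(v, 2) for p, v in totals.items()}

if __name__ == "__main__":
    print(rank_by_value(COUNTERMEASURES))
    print(exposure_by_property(residual_risks(COUNTERMEASURES)))
```

Comparing `exposure_by_property(residual_risks([]))` with the result for the full control set shows which leg of the triad a given budget leaves most exposed.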

Assumptions:
The attacks shown in the diagram are a reference for the most likely and feasible possibilities, as it would be impractical to list the innumerable attack variations Paul is susceptible to.
Password bypasses are not included as an attack because Paul does not initially have any passwords.
As there is no mention of Paul being a full-time employee of the bank, it is assumed that he has been outsourced to consult on behalf of the bank, which leads to the assumption that Paul also does not operate under the same regulatory guidelines as other full-time employees of the bank.
The model of car Paul drives permits a perpetrator to gain entry into it without triggering any built-in alarm system.
While frequenting various internet cafes, Paul uses his work laptop to access the cafe's wireless network and not a computer supplied by the cafe.
Paul accesses confidential files while at internet cafes and is not aware of who in his surroundings may be observing the information on his computer.
The majority of the internet cafes Paul frequents do not have a secure network and may be infected with malware and spying software from other users.
Paul's smartphone is an iPhone 4 running iOS 5.0 (Z. Whittaker, November 17, 2011 -- 06:25 GMT - http://www.zdnet.com/blog/btl/iphone-most-popular-business-phone-blackberryloses-vital-street-cred/63766).
Paul utilizes Internet Explorer 8 as it is the default search engine for Windows 7.
Paul utilizes his smartphone and iPad to contact customers and sometimes accesses confidential information on these devices regarding business loans and bank information.
Paul connects his smartphone and iPad to the internet cafes' wireless networks.
The vulnerability of Paul's information is focused on when it is in his car and when he is using unsecured networks at internet cafes.

Concept map key

Concept map

Confidentiality

Integrity

Availability

Attack Index
Malicious code
The malicious code attack includes the execution of viruses, worms, Trojan horses, and active web script with the intent to destroy or steal information. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.63)
o Viruses

A virus is any hidden computer code that copies itself to other programs. (Fischer, R., Halibozek, E., Walters, D., Introduction to Security, 2013, p.445)
o Worms

Worms take over computer memory and deny its use to legitimate programs. (Fischer, R., Halibozek, E., Walters, D., Introduction to Security, 2013, p.446)
o Trojan horses

Trojan horse programs initially appear legitimate and will behave as if they were doing what the computer operator expects. However, the Trojan horse contains either a block of undesired computer code or another computer program that allows it to do detrimental things to the system of which the operator is not aware, such as infecting a machine with a virus, worm, bomb or trapdoor. (Fischer, R., Halibozek, E., Walters, D., Introduction to Security, 2013, p.445)
o Spyware

Spyware is any technology that aids in gathering information about a person or organization without their knowledge. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.63)

DoS/DDoS
In a denial of service (DoS) attack, the attacker sends a large number of connection or information requests to a target. So many requests are made that the target system becomes overloaded and cannot respond to legitimate requests for service. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.65)

Spoofing
Spoofing is a technique used to gain unauthorized access to computers, wherein the intruder sends messages with a source IP address that has been forged to indicate that the messages are coming from a trusted source. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.66)

Man-in-the-Middle
In the well-known man-in-the-middle or TCP hijacking attack, an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.66)

Back doors
Using a known or previously unknown and newly discovered access mechanism, an attacker can gain access to a system or network resource through a back door. Sometimes these entries are left behind by system designers or maintenance staff, and thus are called trap doors. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.64)

Virus hoaxes
A more devious attack on computer systems is the transmission of a virus hoax with a real virus attached. When the attack is masked in a seemingly legitimate message, unsuspecting users more readily distribute it. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.64)

Mail bombing
Another form of (email) attack that is also a DoS is called a mail bomb, in which an attacker routes large quantities of e-mails to the target. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.68)

Sniffers
A sniffer is a program or device that can monitor data traveling over a network. (Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012, p.68) They can also be used to steal data in transit.

Conclusion:
Through the identification of threats faced in the background scenario and the implementation of countermeasures to combat these attacks, the risks to the CIA triad can be minimized, this being the objective of the information professional. In Paul's case it will keep the bank's information and the clients' details secure on a cost-effective budget. It is also worth mentioning that the attacks listed are only very broad and rudimentary, as the number of attacks and variations of circumstances is limitless.

References

Fischer, R., Halibozek, E., Walters, D., Introduction to Security, 2013.
Whitman, M., Mattord, H., Principles of Information Security, 4th edition, 2012.
Johnson, B., Information Security Basics, ISSA Journal, July 2010.
